Cathy has an interesting background with the Department of Defense and joined Infinity with a great understanding of what is required to lock down data and secure an IT environment.
As I interviewed Cathy, I learned that the main overall issues they face include:

So they have been able to implement Oracle Advanced Security to address these security requirements without having to make any application changes. Additionally, there has been "no performance degradation whatsoever."To further put in place a defense in depth database security strategy, Infinity is also implementing Oracle Database Vault for separation of duties and least privilege.

When I asked why they chose Oracle, Cathy responded with the following:

"Oracle is simplifying its security offerings
by combining a pair of existing tools into a single package. The offering,
Oracle Audit Vault and Database Firewall, provides both network traffic
sniffing for security threats and audit data analysis.” – IDG News Service

“Oracle is merging a couple of its existing
security products together to make one big solution to tackle Oracle and
non-Oracle database traffic.” – ZDNet Between the Lines blog

“The consolidated, centralized repository
enables all audit and event logs to be analyzed in real-time against
pre-defined policies; offers visibility into stored procedure execution,
recursive SQL and operational activities; comes with dozens of built-in reports
to meet compliance requirements; and provides a range of alerts, including
multi-event alerts and alert thresholds.” – Database Trends and
Applications